Florist Somers Town Privacy Policy

Introduction

At Florist Somers Town, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we process your personal information when you place an order with us. It applies to all customers in Somers Town and the surrounding districts who use Florist Somers Town services. We comply fully with the UK General Data Protection Regulation (“GDPR”) and other applicable data protection laws.

What Data We Collect

Depending on the nature of your order and interaction with Florist Somers Town, we may collect and process the following categories of personal data:

  • Identity Data: First and last name, title.
  • Contact Data: Delivery address, billing address, email address, and telephone number.
  • Order Data: Details of the products you have ordered, delivery instructions, messages or card messages for recipients.
  • Payment Data: (Where applicable) Payment transaction details (processed through secure third-party payment processors; we do not retain your full card information).
  • Technical Data: IP address, browser type and version, time zone setting, device type, and other technical details collected automatically to secure our website and improve service.
  • Communications Data: Emails or messages sent to our customer service and any feedback provided.

Lawful Basis for Processing Your Data

Under the GDPR, we must have a lawful basis for every use of your personal data. The lawful bases we rely on include:

  • Contractual Necessity: Most of your data is processed to perform our contract with you—for example, to process and deliver your order, communicate with you regarding your order, and arrange payment.
  • Legal Obligation: Certain data may be processed to comply with legal requirements, such as maintaining financial records for audit or tax purposes.
  • Legitimate Interests: We may use your data to pursue legitimate interests, such as improving our products, enhancing our customer service, preventing fraud, and ensuring our website is secure, provided these interests do not override your data protection rights.
  • Consent: Where required, we will only use your data for marketing activities or where you have given explicit consent. You may withdraw this consent at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • Processing and fulfilling your flower orders, including delivery communications.
  • Managing payments, fees, and charges.
  • Maintaining business records and complying with our legal obligations.
  • Responding to your customer service queries and requests.
  • Understanding preferences to improve our products and services (e.g., anonymised analytics).
  • With your consent, providing you with information about our products, promotions, and offers (you may opt out at any time).

Data Retention

Florist Somers Town will retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods vary depending on the type of data and the reason it was collected:

  • Order and Transaction Data: Typically retained for a minimum of six years to comply with legal and tax obligations.
  • Communication Data: Retained for up to two years to allow appropriate handling of queries and feedback.
  • Marketing Data: Retained until you unsubscribe or withdraw consent. If you opt-out, we may retain necessary information to ensure compliance with your request.

At the end of the retention period, we securely delete or anonymise your personal data.

Third-Party Data Processors

We work with trusted third-party service providers to help us deliver our services. They act as data processors on our behalf and may include:

  • Payment processing providers (for handling card payments securely).
  • Delivery couriers and logistics partners (for delivering your order).
  • IT support and website hosting providers.
  • Professional advisers (accountants, legal advisers, compliance consultants).
  • Analytics providers (to help us improve our website and services).

All processors are contractually obliged to protect your data, process it only on our instructions, and adhere to the requirements of the GDPR. We do not sell or rent your personal data to third-parties for marketing purposes.

International Data Transfers

Florist Somers Town operates primarily within the UK. If any of our service providers process data outside the UK or European Economic Area, we ensure adequate safeguards are in place (such as Standard Contractual Clauses) to protect your personal information in accordance with data protection law.

Security of Your Data

We take data security seriously. Appropriate technical and organisational measures are in place to protect your personal data against unauthorised access, loss, destruction, or alteration. Access to personal data is strictly limited to those employees and agents on a need-to-know basis.

Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data in certain circumstances ('right to be forgotten').
  • Right to Restrict Processing: Ask us to limit processing of your personal data.
  • Right to Data Portability: Request transfer of your data to another service provider in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing of your data based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

If you wish to exercise any of these rights, please contact us with valid identification to ensure security. We will respond to all legitimate requests within one month.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or for other operational reasons. We encourage you to revisit this page periodically to stay informed about how we protect your data.

Our Commitment to You

Florist Somers Town takes privacy seriously and handles all customer data in accordance with the GDPR and best practices in data security. If you have concerns about your data or how it is handled, or if you wish to make a complaint, please contact us and we will address your query promptly. If you are not satisfied with our response, you also have the right to contact the Information Commissioner’s Office (ICO) in the UK for further assistance.